We have a FreePBX behind the Sangoma SBC, tried to enable the SIP Firewall to block the REGISTER attempts but seems it does not work as expected.
It looks like that Sangoma SBC only monitoring SIP response 403 while the FreePBX is always replying with 401 Unauthorized
I need some help to understand if I missed some part of setting on SBC or have to do something on FreePBX.
401 is not a failure; it is a challenge for authentication.
yes, you are right, but wondering why pbx is still sending the 401 after getting the challenge response from end point and password is wrong! by right it should send 403 after the endpoint replied the challenge with wong password, right?
Resending 401 typically happens if a stale nonce is used in the response.
it seems pjsip always reply with 401 even when password is wrong, on chan_sip the reply is 403 for same scenario
would like to check why PJSIP always reply with 401 when someone trying to REGISTER using wrong credentials? it should send 403 Forbidden after the 1st challenge if the credentials are not correct.
appreciate if someone can point me how to tackle this as I need to get 403 forbidden for security purpose.
Just a note, I moved this as it was a continuation of this thread.
noted, Is this remain under commercial products (SBC) or related to FreePBX PJSIP?
I’ve moved it, but ultimately changing the category just changes where this is located in the forum. That’s it.
This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.